Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          +j+ooeOG5mg40YgFUWbAMSNuD6M9aneLKCzVVFSGVWQ=
Subject key identifier:   8B:14:2D:AF:6B:B1:A5:DD:1C:58:59:52:1C:BE:9D:78:11:F2:43:8F
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       019D265F65B3857257795D1019B62A0BF187
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          1515
Signing time:             Wed 25 Mar 2026 19:01:19 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:19 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:19 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: NHTDie203WveY0M2Dqu+Vv9JgNPGMl+XIv5QPfHKbb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:65:b3:85:72:57:79:5d:10:19:b6:2a:0b:f1:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: Mar 25 19:01:19 2026 GMT
            Not After : Mar 26 19:01:19 2026 GMT
        Subject: CN=8b142daf6bb1a5dd1c5859521cbe9d7811f2438f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:21:e5:ff:5c:70:35:73:ba:60:db:e5:12:d8:
                    c5:48:21:41:c5:eb:eb:d7:e1:46:0a:57:a5:02:15:
                    0e:c2:83:51:27:ce:81:70:58:99:aa:48:b4:a5:87:
                    f3:86:b2:74:5c:e1:84:1c:07:c0:f4:e5:6e:d4:bb:
                    40:ac:e5:67:e1:db:dd:b6:d6:26:9a:86:47:eb:af:
                    39:80:2e:01:90:ec:84:84:dd:12:8f:38:13:85:c9:
                    f9:b0:e5:51:6e:72:10:4f:42:82:fc:0c:70:f7:ca:
                    18:51:a6:2f:89:6a:b5:b0:d3:09:bd:19:4d:34:4f:
                    ea:53:8c:ce:e9:10:5b:c8:72:0d:22:fb:94:c5:4c:
                    aa:32:ff:28:d6:09:33:b0:72:aa:07:e1:f2:4d:b6:
                    f9:9c:0d:55:91:32:24:bb:a8:40:f8:e6:de:9c:2a:
                    bc:59:ab:ca:f8:cd:f5:77:43:9e:bf:f2:08:b5:01:
                    21:a6:74:a9:9c:8b:8c:bd:65:0b:c6:96:ba:48:df:
                    b1:e7:ac:9e:40:05:da:34:5b:5d:58:ad:2c:7c:36:
                    fe:a2:6a:83:e9:be:5b:ef:0e:3d:bc:f3:e0:b3:e7:
                    c5:3a:a3:5a:6b:9f:cc:cc:d9:77:d8:25:c2:7b:db:
                    27:e1:35:1b:68:14:0b:35:10:72:2a:c3:f8:fc:d4:
                    44:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:14:2D:AF:6B:B1:A5:DD:1C:58:59:52:1C:BE:9D:78:11:F2:43:8F
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:6b:41:a6:60:ce:a3:8b:1b:a4:2e:7a:ff:93:d7:35:60:d1:
         7b:75:ab:04:ee:b9:14:42:57:9e:35:64:7e:c8:54:0b:ff:98:
         36:6d:0b:4f:a8:ef:23:fc:fc:ca:86:4c:25:4a:c9:da:da:d4:
         21:8f:cf:b3:a2:46:b0:2b:be:85:13:91:be:a1:74:74:0e:d0:
         d6:21:73:23:3d:ac:19:a4:fe:11:2e:ff:fd:35:48:e0:c5:9d:
         71:d2:4d:3b:90:b2:1c:4b:53:76:64:d3:37:aa:84:dd:0e:ea:
         82:0b:d7:bd:d9:a7:f1:08:84:df:05:53:5b:77:c0:25:e9:b2:
         34:d9:cf:7a:fd:54:87:52:52:23:af:61:39:66:d1:c3:e8:dd:
         77:0c:75:3d:8a:57:5e:55:68:d7:e3:a0:c0:08:fb:da:07:f3:
         45:ed:7b:90:76:d2:18:d9:fa:26:b8:7d:52:35:bb:cb:47:b7:
         e8:ec:07:07:92:23:fb:fb:52:b2:52:fe:a3:c4:2d:96:2a:24:
         9f:c5:25:f4:3a:af:5e:00:74:dc:0f:2c:fe:c4:6b:aa:47:45:
         7c:68:1f:e0:43:ed:df:25:09:be:5e:bc:1b:0b:19:04:ca:55:
         95:02:da:c4:20:05:c0:25:55:6b:0e:ea:e5:f7:25:bb:22:ea:
         48:97:98:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX2WzhXJXeV0QGbYqC/GHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjYwMzI1MTkwMTE5WhcNMjYwMzI2MTkwMTE5WjAzMTEwLwYDVQQD
Eyg4YjE0MmRhZjZiYjFhNWRkMWM1ODU5NTIxY2JlOWQ3ODExZjI0MzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSHl/1xwNXO6YNvlEtjFSCFBxevr
1+FGClelAhUOwoNRJ86BcFiZqki0pYfzhrJ0XOGEHAfA9OVu1LtArOVn4dvdttYm
moZH6685gC4BkOyEhN0SjzgThcn5sOVRbnIQT0KC/Axw98oYUaYviWq1sNMJvRlN
NE/qU4zO6RBbyHINIvuUxUyqMv8o1gkzsHKqB+HyTbb5nA1VkTIku6hA+ObenCq8
WavK+M31d0Oev/IItQEhpnSpnIuMvWULxpa6SN+x56yeQAXaNFtdWK0sfDb+omqD
6b5b7w49vPPgs+fFOqNaa5/MzNl32CXCe9sn4TUbaBQLNRByKsP4/NREEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsULa9rsaXdHFhZUhy+nXgR8kOPMB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEGtBpmDO
o4sbpC56/5PXNWDRe3WrBO65FEJXnjVkfshUC/+YNm0LT6jvI/z8yoZMJUrJ2trU
IY/Ps6JGsCu+hRORvqF0dA7Q1iFzIz2sGaT+ES7//TVI4MWdcdJNO5CyHEtTdmTT
N6qE3Q7qggvXvdmn8QiE3wVTW3fAJemyNNnPev1Uh1JSI69hOWbRw+jddwx1PYpX
XlVo1+OgwAj72gfzRe17kHbSGNn6Jrh9UjW7y0e36OwHB5Ij+/tSslL+o8Qtliok
n8Ul9DqvXgB03A8s/sRrqkdFfGgf4EPt3yUJvl68GwsZBMpVlQLaxCAFwCVVaw7q
5fcluyLqSJeYWQ==
-----END CERTIFICATE-----